Privacy & GDPR Policy
Introduction
Refix is committed to protecting the privacy and security of our users’ data. This policy outlines our practices and commitments in relation to data protection and privacy, in compliance with the General Data Protection Regulation (GDPR).
What is GDPR?
The General Data Protection Regulation (GDPR) is a regulation enacted by the European Union (EU) that requires organizations to safeguard personal data and uphold the privacy rights of individuals in EU territory.
Refix’s GDPR Compliance
Refix is fully compliant with the GDPR framework. We are committed to:
- Minimizing data collection
- Ensuring data security
- Respecting user privacy
- Providing transparency in our data practices
Refix as a Data Controller
Refix acts as a Data Controller for the personal information provided by our customers to use our service (e.g., registration information). We do not sell personal data to third parties or use it for marketing purposes without explicit consent.
Refix as a Data Processor
When our customers use Refix to collect data about their website visitors, Refix acts as a Data Processor. We process this data according to our customers’ instructions and in compliance with GDPR. We use as minimal amount of sub-processors as possible. Here is the full list:
| Service | Usage | GDPR Compliance |
|---|---|---|
| Stripe | Payment processing and subscription management | Learn more |
| Clerk | User authentication and management | Learn more |
| Loops | Email communication and marketing automation | Learn more |
Data We Collect
We collect minimal data to provide our service effectively:
| Data Point | Description |
|---|---|
| Unique user identifier | A randomly generated ID stored locally in the user’s browser to distinguish individual visitors anonymously. |
| Page views | URLs of pages visited |
| Referrer | The source of the visit |
| Device information | Browser, operating system, screen width and device type |
| Location | The user’s country, inferred from their browser’s timezone setting. No IP addresses are collected or used. |
Data Storage and Security
- All data is encrypted and stored on servers located within the European Union.
- We use industry-standard security measures to protect your data.
- We regularly perform backups to prevent data loss.
User Rights
Under GDPR, you have the right to:
- Access your personal data
- Rectify inaccurate personal data
- Erase your personal data
- Restrict or object to processing
- Data portability
To exercise these rights, please contact us at hey@refix.ai.
Data Retention
We retain data only for as long as necessary to provide our service and comply with legal obligations. Users can request deletion of their data at any time.
Changes to This Policy
We may update this policy from time to time. We will notify users of any significant changes.
Contact Us
If you have any questions about this policy or our data practices, please contact us at:
Email: hey@refix.ai
Last updated: 1st August 2024